CVE-2011-1167

Published: 28 March 2011

Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value.

Priority

Medium

Status

Package Release Status
tiff
Launchpad, Ubuntu, Debian
Upstream Needs triage

Patches:
Upstream: http://bugzilla.maptools.org/show_bug.cgi?id=2300